Fuchsia builds that include
sshd start a program called
listen that is similar in nature to
inetd from other platforms, in that
listen takes the responsibility to listen on a socket and spawn programs when connections are made.
listen is configured to spawn
sshd when it receives a connection on port 22 over either IPv4 or IPv6.
The sshd is configured such that it expects a username of
There is a minimal program called
hostkeygen that is also run on startup, that will create a host private key file in
/data/ssh/ if none is already present.
jiri tool is configured to run a script on checkout that provisions a user specific SSH key into
$FUCHSIA_DIR/.ssh/pkey and an associated authorized_keys file into
$FUCHSIA_DIR/.ssh/authorized_keys. Users are free to replace the contents of the authorized_keys file with their preferred keys if they desire, for example to add keys from your ssh-agent, one might invoke:
ssh-add -L > $FUCHSIA_DIR/.ssh/authorized_keys.
User keys can be provisioned to Fuchsia devices in several ways:
fx pavedoes this).
extra_authorized_keysbuild argument. This approach is not recommended, as the image artifacts produced by a build in this case are by side effect specialized to the given keys.
curl -o /data/ssh/authorized_keys https://github.com/<username>.keys
-Ntypically used to background a connection does not currently work. The workaround is to run a long running program such as
The clients are built but don't work yet.